aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/audit.c
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/audit.c')
-rw-r--r--kernel/audit.c14
1 files changed, 13 insertions, 1 deletions
diff --git a/kernel/audit.c b/kernel/audit.c
index 9c4f1af0c794..6f344b44d3d3 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -68,7 +68,7 @@ static int audit_failure = AUDIT_FAIL_PRINTK;
68 68
69/* If audit records are to be written to the netlink socket, audit_pid 69/* If audit records are to be written to the netlink socket, audit_pid
70 * contains the (non-zero) pid. */ 70 * contains the (non-zero) pid. */
71static int audit_pid; 71int audit_pid;
72 72
73/* If audit_limit is non-zero, limit the rate of sending audit records 73/* If audit_limit is non-zero, limit the rate of sending audit records
74 * to that number per second. This prevents DoS attacks, but results in 74 * to that number per second. This prevents DoS attacks, but results in
@@ -79,6 +79,10 @@ static int audit_rate_limit;
79static int audit_backlog_limit = 64; 79static int audit_backlog_limit = 64;
80static atomic_t audit_backlog = ATOMIC_INIT(0); 80static atomic_t audit_backlog = ATOMIC_INIT(0);
81 81
82/* The identity of the user shutting down the audit system. */
83uid_t audit_sig_uid = -1;
84pid_t audit_sig_pid = -1;
85
82/* Records can be lost in several ways: 86/* Records can be lost in several ways:
83 0) [suppressed in audit_alloc] 87 0) [suppressed in audit_alloc]
84 1) out of memory in audit_log_start [kmalloc of struct audit_buffer] 88 1) out of memory in audit_log_start [kmalloc of struct audit_buffer]
@@ -321,6 +325,7 @@ static int audit_netlink_ok(kernel_cap_t eff_cap, u16 msg_type)
321 case AUDIT_SET: 325 case AUDIT_SET:
322 case AUDIT_ADD: 326 case AUDIT_ADD:
323 case AUDIT_DEL: 327 case AUDIT_DEL:
328 case AUDIT_SIGNAL_INFO:
324 if (!cap_raised(eff_cap, CAP_AUDIT_CONTROL)) 329 if (!cap_raised(eff_cap, CAP_AUDIT_CONTROL))
325 err = -EPERM; 330 err = -EPERM;
326 break; 331 break;
@@ -344,6 +349,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
344 struct audit_buffer *ab; 349 struct audit_buffer *ab;
345 u16 msg_type = nlh->nlmsg_type; 350 u16 msg_type = nlh->nlmsg_type;
346 uid_t loginuid; /* loginuid of sender */ 351 uid_t loginuid; /* loginuid of sender */
352 struct audit_sig_info sig_data;
347 353
348 err = audit_netlink_ok(NETLINK_CB(skb).eff_cap, msg_type); 354 err = audit_netlink_ok(NETLINK_CB(skb).eff_cap, msg_type);
349 if (err) 355 if (err)
@@ -419,6 +425,12 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
419 err = -EOPNOTSUPP; 425 err = -EOPNOTSUPP;
420#endif 426#endif
421 break; 427 break;
428 case AUDIT_SIGNAL_INFO:
429 sig_data.uid = audit_sig_uid;
430 sig_data.pid = audit_sig_pid;
431 audit_send_reply(NETLINK_CB(skb).pid, seq, AUDIT_SIGNAL_INFO,
432 0, 0, &sig_data, sizeof(sig_data));
433 break;
422 default: 434 default:
423 err = -EINVAL; 435 err = -EINVAL;
424 break; 436 break;
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-12 01:26:38 -0500